package com.fanghuyun.iswaf.function;

import java.util.Enumeration;
import java.util.Map;
import java.util.Properties;

import javax.servlet.http.HttpServletRequest;

import com.fanghuyun.iswaf.common.ClientLogger;
import com.fanghuyun.iswaf.common.Constants;
import com.fanghuyun.iswaf.filter.DoFilter;
import com.fanghuyun.iswaf.util.XssFilter;

public class Xss extends DoFilter{

	public static Map<String, Object> CheckXss(HttpServletRequest request,Map<String, Object> wrapper,Properties properties){
		Enumeration<?> e = request.getParameterNames();
		while (e.hasMoreElements()) {
			String key = (String)e.nextElement(),
				value = request.getParameter(key),
				filter = new XssFilter().filter(value);
			if(!value.equals(filter)){
				ClientLogger.addAttackLogs(request,Constants.SYS_FUNCTION_XSS);
				wrapper.put(key, filter);
			}
		}
		return wrapper;
	}
	
}
